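def user_auth():
    """
    POST /auth

    Takes a user's username and password and attempts to auth against the
    database.  If there is a match, it will return `status: 200` and an auth
    token to use for future operations.  Note that the auth token expires
    after a set amount of time (the `expire` value of the `auth-tokens`
    config section, defaulting to 14400).

    Any failure -- a missing form field or credentials that do not match --
    returns `status: 409` with the same generic "Invalid username or
    password." message, so the response does not reveal whether the
    username exists.
    """
    config = manager.RESTAPIManager.get_instance().config.get_section(
        "auth-tokens")
    username = request.forms.get("username")
    raw_password = request.forms.get("password")

    def _invalid_credentials():
        # Single failure path shared by "field missing" and "no match" so the
        # message (and status) are identical in both cases.
        resp = routing.base.generate_error_response(code=409)
        resp["message"] = "Invalid username or password."
        return json.dumps(resp) + "\n"

    # A request without a username or password field used to reach
    # hashlib.sha512(None) and surface as a server error; reject it with the
    # normal failure response instead.
    if username is None or raw_password is None:
        return _invalid_credentials()

    # NOTE(review): unsalted, single-round SHA-512 is not a password hash (no
    # salt, no work factor).  Moving to a salted KDF such as
    # hashlib.pbkdf2_hmac has to be done together with user_register() and a
    # migration of the stored rows, so the scheme is deliberately unchanged
    # here.
    password = hashlib.sha512(raw_password).hexdigest()

    try:
        res = User.get(User.username == username, User.password == password)
    except Exception:
        # Peewee raises DoesNotExist when no row matches; any other DB error
        # is folded into the same generic answer.
        return _invalid_credentials()

    token = res.create_token()
    resp = routing.base.generate_bare_response()
    resp["username"] = username
    resp["auth"] = {
        "token": token.token,
        "expires": config.get_int("expire", 14400),
    }
    return json.dumps(resp) + "\n"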
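def user_auth():
    """
    POST /auth

    Takes a user's username and password and attempts to auth against the
    database.  If there is a match, it will return `status: 200` and an auth
    token to use for future operations.  Note that the auth token expires
    after a set amount of time (the `expire` value of the `auth-tokens`
    config section, defaulting to 14400).

    Any failure -- a missing form field or credentials that do not match --
    returns `status: 409` with the same generic "Invalid username or
    password." message, so the response does not reveal whether the
    username exists.
    """
    config = manager.RESTAPIManager.get_instance().config.get_section(
        "auth-tokens")
    username = request.forms.get("username")
    raw_password = request.forms.get("password")

    def _invalid_credentials():
        # Single failure path shared by "field missing" and "no match" so the
        # message (and status) are identical in both cases.
        resp = routing.base.generate_error_response(code=409)
        resp["message"] = "Invalid username or password."
        return json.dumps(resp) + "\n"

    # A request without a username or password field used to reach
    # hashlib.sha512(None) and surface as a server error; reject it with the
    # normal failure response instead.
    if username is None or raw_password is None:
        return _invalid_credentials()

    # NOTE(review): unsalted, single-round SHA-512 is not a password hash (no
    # salt, no work factor).  Moving to a salted KDF such as
    # hashlib.pbkdf2_hmac has to be done together with user_register() and a
    # migration of the stored rows, so the scheme is deliberately unchanged
    # here.
    password = hashlib.sha512(raw_password).hexdigest()

    try:
        res = User.get(User.username == username, User.password == password)
    except Exception:
        # Peewee raises DoesNotExist when no row matches; any other DB error
        # is folded into the same generic answer.
        return _invalid_credentials()

    token = res.create_token()
    resp = routing.base.generate_bare_response()
    resp["username"] = username
    resp["auth"] = {
        "token": token.token,
        "expires": config.get_int("expire", 14400),
    }
    return json.dumps(resp) + "\n"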
def user_info(username):
    """
    GET /user/:username

    Headers:
        X-Keydom-Session => current session token

    Returns information about a user.  The username and join date are always
    returned; the email address is only included when the request carries a
    session token that has not expired.

    Returns `status: 404` with "Invalid username." when no such user exists.
    """
    session = token_by_header_data(request.headers.get("X-Keydom-Session"))
    # An expired token is treated exactly like no token at all.
    if session is not None and session.has_expired:
        session = None

    try:
        user = User.get(User.username == username)
    except Exception:
        err = routing.base.generate_error_response(code=404)
        err["message"] = "Invalid username."
        return json.dumps(err) + "\n"

    user_fields = {
        "username": user.username,
        "join_date": str(user.join_date),
    }
    if session:
        # Fields only disclosed to a caller holding a live session token.
        # NOTE(review): any authenticated user can read any other user's
        # email this way; confirm that is the intended visibility.
        user_fields["email"] = user.email

    resp = routing.base.generate_bare_response()
    resp["user"] = user_fields
    return json.dumps(resp) + "\n"
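def user_register():
    """
    POST /register

    Attempts to register a username for use.

    Returns `status: 200` if success, or these values on failure:
        `status: 400` - if the username, password or email field is missing
        `status: 409` - if the email is invalid, or the username (or email)
                        is already taken
    """
    username = request.forms.get("username")
    password = request.forms.get("password")
    email = request.forms.get("email")

    def _fail(code, message):
        # Every error response in this handler has the same shape.
        resp = routing.base.generate_error_response(code=code)
        resp["message"] = message
        return json.dumps(resp) + "\n"

    # A missing field used to reach hashlib.sha512(None) (a server error) or
    # to insert a NULL username/email row; reject it explicitly.
    if username is None or password is None or email is None:
        return _fail(400, "Missing username, password or email.")

    # Validate the email before it is used in a query.
    if not validate_email(email):
        return _fail(409, "Invalid email address.")

    taken = (User
             .select()
             .where((User.username == username) | (User.email == email)))
    if taken.count() > 0:
        # Also fires for a duplicate email, although the message only
        # mentions the username; the wording is kept for client
        # compatibility.
        return _fail(409, "Username taken.")
    # NOTE(review): the uniqueness check and the insert below are not
    # atomic, so two concurrent registrations can both pass the check.  A
    # UNIQUE constraint on username/email in the schema is the real guard.

    # NOTE(review): unsalted, single-round SHA-512 is not a password hash.
    # Switching to a salted KDF (e.g. hashlib.pbkdf2_hmac) has to happen
    # together with user_auth() and a migration of existing rows, so it is
    # left unchanged here.
    password = hashlib.sha512(password).hexdigest()

    # Peewee's Model.create() inserts the row itself; the extra save() that
    # used to follow only re-issued an UPDATE with identical data.
    User.create(username=username, password=password, email=email)

    resp = routing.base.generate_bare_response()
    resp["account"] = {
        "registered": True,
        "username": username,
        "email": email
    }
    return json.dumps(resp) + "\n"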
def user_list():
    """
    GET /users

    Returns a JSON list of all the users registered in the database.

    NOTE(review): this endpoint is unauthenticated and enumerates every
    account name; confirm that exposure is intended.
    """
    usernames = [account.username for account in User.select()]
    resp = routing.base.generate_bare_response()
    resp["users"] = usernames
    # Yielded rather than returned so the handler remains a generator, as
    # the framework route was written to expect.
    yield json.dumps(resp) + "\n"
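def key_get_user_keys(username):
    """
    GET /keys/<username>

    Returns the keys for the specified username based on the requesting
    user's scope:

        Key.VIS_SELF - the caller (valid token) is `username`
        Key.VIS_PRIV - the caller (valid token) is a friend of `username`
        Key.VIS_PUB  - everyone else, including unauthenticated callers

    Returns `status: 403` if the supplied session token has expired and
    `status: 404` if no such user exists.
    """
    token = token_by_header_data(request.headers.get("X-Keydom-Session"))

    # Reject an expired token before it is used to derive any scope.
    if token is not None and token.has_expired:
        resp = routing.base.generate_error_response(code=403)
        resp["message"] = "Authentication token has expired. Request another."
        return json.dumps(resp) + "\n"

    req_user = token.for_user if token else None

    # An unknown username used to raise out of User.get() and surface as a
    # server error; answer 404 the way user_info() does.
    try:
        user = User.get(username=username)
    except User.DoesNotExist:
        resp = routing.base.generate_error_response(code=404)
        resp["message"] = "Invalid username."
        return json.dumps(resp) + "\n"

    # Lowest scope unless a relationship raises it.  The owner check now comes
    # before the friendship check so a user who is somehow recorded as their
    # own friend still gets the self scope (assumed to be the widest one).
    scope = Key.VIS_PUB
    if token and user == req_user:
        scope = Key.VIS_SELF
    elif token and user.is_friends(req_user):
        scope = Key.VIS_PRIV

    user_keys = user.scoped_keys(scope)

    # NOTE(review): every sibling handler calls generate_bare_response();
    # confirm generate_base_response() really exists in routing.base and is
    # not a typo (if it does not, this route fails for every request).
    resp = routing.base.generate_base_response()
    resp["owner"] = {
        "username": user.username,
        "scope": scope,
    }
    resp["keys"] = [
        {
            "short_name": key.short_name,
            "key": key.content,
            "fingerprint": key.fingerprint(),
            "published": str(key.published_at),
        }
        for key in user_keys
    ]
    return json.dumps(resp) + "\n"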
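def key_get_user_keys(username):
    """
    GET /keys/<username>

    Returns the keys for the specified username based on the requesting
    user's scope:

        Key.VIS_SELF - the caller (valid token) is `username`
        Key.VIS_PRIV - the caller (valid token) is a friend of `username`
        Key.VIS_PUB  - everyone else, including unauthenticated callers

    Returns `status: 403` if the supplied session token has expired and
    `status: 404` if no such user exists.
    """
    token = token_by_header_data(request.headers.get("X-Keydom-Session"))

    # Reject an expired token before it is used to derive any scope.
    if token is not None and token.has_expired:
        resp = routing.base.generate_error_response(code=403)
        resp["message"] = "Authentication token has expired. Request another."
        return json.dumps(resp) + "\n"

    req_user = token.for_user if token else None

    # An unknown username used to raise out of User.get() and surface as a
    # server error; answer 404 the way user_info() does.
    try:
        user = User.get(username=username)
    except User.DoesNotExist:
        resp = routing.base.generate_error_response(code=404)
        resp["message"] = "Invalid username."
        return json.dumps(resp) + "\n"

    # Lowest scope unless a relationship raises it.  The owner check now comes
    # before the friendship check so a user who is somehow recorded as their
    # own friend still gets the self scope (assumed to be the widest one).
    scope = Key.VIS_PUB
    if token and user == req_user:
        scope = Key.VIS_SELF
    elif token and user.is_friends(req_user):
        scope = Key.VIS_PRIV

    user_keys = user.scoped_keys(scope)

    # NOTE(review): every sibling handler calls generate_bare_response();
    # confirm generate_base_response() really exists in routing.base and is
    # not a typo (if it does not, this route fails for every request).
    resp = routing.base.generate_base_response()
    resp["owner"] = {
        "username": user.username,
        "scope": scope,
    }
    resp["keys"] = [
        {
            "short_name": key.short_name,
            "key": key.content,
            "fingerprint": key.fingerprint(),
            "published": str(key.published_at),
        }
        for key in user_keys
    ]
    return json.dumps(resp) + "\n"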
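def user_register():
    """
    POST /register

    Attempts to register a username for use.

    Returns `status: 200` if success, or these values on failure:
        `status: 400` - if the username, password or email field is missing
        `status: 409` - if the email is invalid, or the username (or email)
                        is already taken
    """
    username = request.forms.get("username")
    password = request.forms.get("password")
    email = request.forms.get("email")

    def _fail(code, message):
        # Every error response in this handler has the same shape.
        resp = routing.base.generate_error_response(code=code)
        resp["message"] = message
        return json.dumps(resp) + "\n"

    # A missing field used to reach hashlib.sha512(None) (a server error) or
    # to insert a NULL username/email row; reject it explicitly.
    if username is None or password is None or email is None:
        return _fail(400, "Missing username, password or email.")

    # Validate the email before it is used in a query.
    if not validate_email(email):
        return _fail(409, "Invalid email address.")

    taken = (User
             .select()
             .where((User.username == username) | (User.email == email)))
    if taken.count() > 0:
        # Also fires for a duplicate email, although the message only
        # mentions the username; the wording is kept for client
        # compatibility.
        return _fail(409, "Username taken.")
    # NOTE(review): the uniqueness check and the insert below are not
    # atomic, so two concurrent registrations can both pass the check.  A
    # UNIQUE constraint on username/email in the schema is the real guard.

    # NOTE(review): unsalted, single-round SHA-512 is not a password hash.
    # Switching to a salted KDF (e.g. hashlib.pbkdf2_hmac) has to happen
    # together with user_auth() and a migration of existing rows, so it is
    # left unchanged here.
    password = hashlib.sha512(password).hexdigest()

    # Peewee's Model.create() inserts the row itself; the extra save() that
    # used to follow only re-issued an UPDATE with identical data.
    User.create(username=username, password=password, email=email)

    resp = routing.base.generate_bare_response()
    resp["account"] = {
        "registered": True,
        "username": username,
        "email": email
    }
    return json.dumps(resp) + "\n"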